Security is a top priority for our team. Our planning, development and deployment processes are based on years of best-practices.TALK TO AN EXPERT
Assembla Enterprise Cloud Version Control is the most secure version control platform in the world. We help companies embrace agile, meet compliance, and stay innovative while keeping source code safe.
Download our whitepaper
Our operational playbook includes a bottom-up evaluation of the risks to security, risk mitigation techniques, and ongoing areas of investment to further reduce risks.
A 24/7/365 DevOps team continuously monitors network access and traffic using real-time intrusion monitors. Data Centers and production access is restricted to admins with individual user credentials. Passwords are never stored directly in the database, and all API and API communication between you and Assembla is conducted using the strongest encryption standards.
Assembla replicates data and repositories in real-time across multiple geographically diverse locations and offers multiple additional disaster recovery options including redundant backups in AWS and Azure. Encrypted, monitored, backed up, secure.
We are passionate about agile software development, continuous integration and delivery. Assembla uses HackerOne, a leading premier vulnerability coordination platform to provide proactive vulnerability dectection. Our team manages inbound reports from the HackerOne community and quickly remediates issue to ensure the safety and security of your repositories.
Over a hundred years of combined Security experience running mission critical workloads in the cloud make up the fabric of our Security teams. We use behavioral analysis, static rules, and custom filters looking for zero-day exploits.
We use Static Rules (User definitions such as IP address, HTTP header content, country, and session ID) and Dynamic Filtering (Behavioral and reputational filtering of threat data automatically and in real-time) in our security stack.
We also believe in strong Layer 7 Protection (Top layer firewall for threat detection, mitigation and syndication) with our partners Cloudflare.
Assembla is also fully certified on PrivacyShield. The full report is available on request.
We are Level 3 PCI certified and partner with Level 1 provider Chargify to process transactions. Download our PCI DSS certificate here.
Our security controls are audited each year, following the AICPA SSAE-16 SOC 2 guidelines for the Security and Availability principles. The full report is available on request.
All Assembla Cloud Services follow DevOps principles and are using automated, continuous deployment for all application code.
How Assembla Approaches Security
Assembla offers multiple infrastructure design options including managed private cloud. Global deployment options with multi-node infrastructure in North America, EMEA and APAC. Can be customized to meet unique compliance security and SLA requirements up to 99.99%.
Assembla is fully committed to GPDR and HIPAA compliance in 2018.